Re: cryptsetup problem

To: debian-user@lists.debian.org
Subject: Re: cryptsetup problem
From: Henrique de Moraes Holschuh <hmh@debian.org>
Date: Sat, 7 Jun 2014 21:24:37 -0300
Message-id: <[🔎] 20140608002437.GB20521@khazad-dum.debian.net>
In-reply-to: <[🔎] 5393A86F.1070202@affinityvision.com.au>
References: <[🔎] 53934D0C.7080607@affinityvision.com.au> <[🔎] 20140607200648.26f0c954@anubis.defcon1> <[🔎] 53936FFB.8010902@affinityvision.com.au> <[🔎] 20140607221853.7313c72d@anubis.defcon1> <[🔎] 539379C8.3060908@affinityvision.com.au> <[🔎] 53937E24.3040800@affinityvision.com.au> <[🔎] 20140608000236.29b24f8f@anubis.defcon1> <[🔎] 539393A9.7030201@affinityvision.com.au> <[🔎] 20140607234840.GA20521@khazad-dum.debian.net> <[🔎] 5393A86F.1070202@affinityvision.com.au>

On Sun, 08 Jun 2014, Andrew McGlashan wrote:
> On 8/06/2014 9:48 AM, Henrique de Moraes Holschuh wrote:
> > Anyway, make sure you monkey around a lot with the keyboard and mouse before
> > you let the Debian installer generate any encrypted filesystems on a system
> > without a kernel-supported TRNG/HRNG/DRNG.  Or get a large file of random
> > numbers over the network and cat it into /dev/random (i.e. write to it as
> > root) using the Installer's console, before you tell it to generate any
> > crypto keys/encripted filesystems.
> 
> What if the installer would just pull in some live video stream(s) such
> as YouTube, IPTV or even just live radio stations all via the Internet,
> would that help?  Even if it doesn't present the video and/or audio to
> the installer.

For this to be safe, you need it to be entirely under control of the user,
or to come from a trusted (and, if external, authenticated) source.

-- 
  "One disk to rule them all, One disk to find them. One disk to bring
  them all and in the darkness grind them. In the Land of Redmond
  where the shadows lie." -- The Silicon Valley Tarot
  Henrique Holschuh

Reply to:

References:
- Re: cryptsetup problem
  - From: Andrew McGlashan <andrew.mcglashan@affinityvision.com.au>
- Re: cryptsetup problem
  - From: Bzzz <lazyvirus@gmx.com>
- Re: cryptsetup problem
  - From: Andrew McGlashan <andrew.mcglashan@affinityvision.com.au>
- Re: cryptsetup problem
  - From: Bzzz <lazyvirus@gmx.com>
- Re: cryptsetup problem
  - From: Andrew McGlashan <andrew.mcglashan@affinityvision.com.au>
- Re: cryptsetup problem
  - From: Andrew McGlashan <andrew.mcglashan@affinityvision.com.au>
- Re: cryptsetup problem
  - From: Bzzz <lazyvirus@gmx.com>
- Re: cryptsetup problem
  - From: Andrew McGlashan <andrew.mcglashan@affinityvision.com.au>
- Re: cryptsetup problem
  - From: Henrique de Moraes Holschuh <hmh@debian.org>
- Re: cryptsetup problem
  - From: Andrew McGlashan <andrew.mcglashan@affinityvision.com.au>

Prev by Date: Re: cryptsetup problem
Next by Date: Re: cryptsetup problem
Previous by thread: Re: cryptsetup problem
Next by thread: Re: cryptsetup problem
Index(es):
- Date
- Thread